You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@libcloud.apache.org by "Tomaz Muraus (JIRA)" <ji...@apache.org> on 2013/06/04 19:35:20 UTC

[dev] [jira] [Commented] (LIBCLOUD-335) Storage layer is incompatible with IAM (or similar) restrictions

    [ https://issues.apache.org/jira/browse/LIBCLOUD-335?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13674592#comment-13674592 ] 

Tomaz Muraus commented on LIBCLOUD-335:
---------------------------------------

How do you tell Libcloud to use that container - driver.get_container?

In any case, I need to look more closely into IAM stuff and see how it affects API calls.
                
> Storage layer is incompatible with IAM (or similar) restrictions
> ----------------------------------------------------------------
>
>                 Key: LIBCLOUD-335
>                 URL: https://issues.apache.org/jira/browse/LIBCLOUD-335
>             Project: Libcloud
>          Issue Type: Bug
>          Components: Storage
>            Reporter: Noah Kantrowitz
>            Priority: Minor
>
> If I set an IAM policy (or presumably similar for other services) that restricts to just operations on a single container, and then tell libcloud to use that container, it still tries to list all containers the provider has. In S3 this triggers a security error since the user doesn't have permission to see other buckets. This makes it difficult to restrict permissions.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira